changeset 2029:dfa35ca83d92

'sql_injectable_prim' instance for 'url'
author Adam Chlipala <adam@chlipala.net>
date Sun, 15 Jun 2014 10:48:53 -0400
parents 485570cb3b6e
children 6add6d00ef5f
files lib/ur/basis.urs src/monoize.sml tests/sqlurl.ur tests/sqlurl.urp
diffstat 4 files changed, 15 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/lib/ur/basis.urs	Sun Jun 15 09:27:41 2014 -0400
+++ b/lib/ur/basis.urs	Sun Jun 15 10:48:53 2014 -0400
@@ -703,6 +703,7 @@
 val atom : string -> css_value
 type url
 val css_url : url -> css_value
+val sql_url : sql_injectable_prim url
 type css_property
 val property : string -> css_property
 val value : css_property -> css_value -> css_property
--- a/src/monoize.sml	Sun Jun 15 09:27:41 2014 -0400
+++ b/src/monoize.sml	Sun Jun 15 10:48:53 2014 -0400
@@ -2208,6 +2208,10 @@
             ((L'.EAbs ("x", (L'.TFfi ("Basis", "string"), loc), (L'.TFfi ("Basis", "string"), loc),
                        (L'.EFfiApp ("Basis", "sqlifyString", [((L'.ERel 0, loc), (L'.TFfi ("Basis", "string"), loc))]), loc)), loc),
              fm)
+          | L.EFfi ("Basis", "sql_url") =>
+            ((L'.EAbs ("x", (L'.TFfi ("Basis", "string"), loc), (L'.TFfi ("Basis", "string"), loc),
+                       (L'.EFfiApp ("Basis", "sqlifyString", [((L'.ERel 0, loc), (L'.TFfi ("Basis", "string"), loc))]), loc)), loc),
+             fm)
           | L.ECApp ((L.EFfi ("Basis", "sql_prim"), _), t) =>
             let
                 val t = monoType env t
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/sqlurl.ur	Sun Jun 15 10:48:53 2014 -0400
@@ -0,0 +1,4 @@
+table t : { Url : url }
+
+task initialize = fn () =>
+     dml (INSERT INTO t (Url) VALUES ({[bless "http://www.google.com/"]}))
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/sqlurl.urp	Sun Jun 15 10:48:53 2014 -0400
@@ -0,0 +1,6 @@
+database dbname=test
+sql sqlurl.sql
+rewrite url Sqlurl/*
+allow url http://www.google.com/
+
+sqlurl